Количество 4
Количество 4
CVE-2013-1629
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation.
CVE-2013-1629
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation.
CVE-2013-1629
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ...
GHSA-g3p5-fjj9-h8gj
Improper Input Validation in pip
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2013-1629 pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation. | CVSS2: 6.8 | 40% Средний | больше 12 лет назад |
 | CVE-2013-1629 pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation. | CVSS2: 6.8 | 40% Средний | больше 12 лет назад |
| CVE-2013-1629 pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ... | CVSS2: 6.8 | 40% Средний | больше 12 лет назад |
| GHSA-g3p5-fjj9-h8gj Improper Input Validation in pip | CVSS3: 8.4 | 40% Средний | больше 3 лет назад |
Уязвимостей на страницу